Online Virus Checker | v.1.0.158.174 |
DB Version: | 2024-02-04 05:00:34 |
RedLine Stealer is a malicious program designed to exfiltrate users’ confidential data from browsers, systems, and installed software. It is often delivered through email attachments or compromised websites. RedLine not only steals sensitive information but also poses a significant threat by introducing other malware into the victim's operating system. This two-pronged attack approach makes RedLine a potent and dangerous cyber threat.
File | Monotone.exe |
Checked | 2024-02-04 03:47:52 |
MD5 | cd6cddac2686df01814705f21e6da343 |
SHA1 | f29ad4efdc160ffba5cb63e01349ec9b84123e30 |
SHA256 | 0f7f86530b7fa2e693a2a3a5bf69957e61c2f45d39418d077285a1ea6f4bb992 |
SHA512 | a673d521f316d3e0fa87a99effa33c5dc4fde315e72b7f6cbb828a94ffe8ebeed4bf9ca6fe858b3c69327aa4ce05ae02b37e2a392abb7cc728c4bbe2ab9a6de4 |
Imphash | f326f88ca83c9aacaa44acfb8884f1d4 |
File Size | 164352 bytes |
Gridinsoft has the capability to identify and eliminate Malware.Win64.RedLine.bot without requiring further user intervention.
e759b9982cf1c77678a8c81ae8b2f999 3b5d3c7d207e37dceeedd301e35e2e58 0000000000000000 |
|
Image Base: | 0x140000000 |
Entry Point: | 0x140001000 |
Compilation: | 2018-02-01 19:43:01 |
Checksum: | 0x00000000 (Actual: 0x00034430) |
OS Version: | 4.0 |
PEiD: | PE32+ executable (console) x86-64, for MS Windows |
Sign: | The PE file does not contain a certificate table. |
Sections: | 6 |
Imports: | msvcrt, KERNEL32, SHELL32, WINMM, OLE32, SHLWAPI, USER32, GDI32, COMCTL32, |
Exports: | 0 |
Resources: | 11 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Entropy |
---|---|---|---|---|---|
.code | 0x00001000 | 0x00005b79 | 0x00005c00 | aa16f98b8fe7f2b775e16d029f583896 | 5.51 |
.text | 0x00007000 | 0x00010a35 | 0x00010c00 | 981bc6e1f1f7aa59aff461d618525a35 | 6.33 |
.rdata | 0x00018000 | 0x00004b8d | 0x00004c00 | 626f5b2f4c9e5c74296566e1aedb36b8 | 6.68 |
.pdata | 0x0001d000 | 0x00001134 | 0x00001200 | 160e0be5ce9d191773103a22e378fe5d | 4.99 |
.data | 0x0001f000 | 0x000023a8 | 0x00001600 | 21c9a825e380fa805c2efe06cc5d1adb | 4.38 |
.rsrc | 0x00022000 | 0x0000a080 | 0x0000a200 | ede0b08941d6148bff99c8c9f8b2736d | 5.82 |